2 * utils/exportfs/exportfs.c
4 * Export file systems to knfsd
6 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 * Extensive changes, 1999, Neil Brown <neilb@cse.unsw.edu.au>
15 #include <sys/types.h>
37 static void export_all(int verbose);
38 static void exportfs(char *arg, char *options, int verbose);
39 static void unexportfs(char *arg, int verbose);
40 static void exports_update(int verbose);
41 static void dump(int verbose);
42 static void error(nfs_export *exp, int err);
43 static void usage(const char *progname);
44 static void validate_export(nfs_export *exp);
45 static int matchhostname(const char *hostname1, const char *hostname2);
46 static void export_d_read(const char *dname);
47 static void grab_lockfile(void);
48 static void release_lockfile(void);
50 static const char *lockfile = EXP_LOCKFILE;
51 static int _lockfd = -1;
54 * If we aren't careful, changes made by exportfs can be lost
55 * when multiple exports process run at once:
57 * exportfs process 1 exportfs process 2
58 * ------------------------------------------
59 * reads etab version A reads etab version A
60 * adds new export B adds new export C
61 * writes A+B writes A+C
63 * The locking in support/export/xtab.c will prevent mountd from
64 * seeing a partially written version of etab, and will prevent
65 * the two writers above from writing simultaneously and
66 * corrupting etab, but to prevent problems like the above we
67 * need these additional lockfile() routines.
72 _lockfd = open(lockfile, O_CREAT|O_RDWR, 0666);
74 lockf(_lockfd, F_LOCK, 0);
80 lockf(_lockfd, F_ULOCK, 0);
84 main(int argc, char **argv)
87 char *progname = NULL;
97 if ((progname = strrchr(argv[0], '/')) != NULL)
108 while ((c = getopt(argc, argv, "aio:ruvf")) != EOF) {
138 if (optind != argc && f_all) {
139 xlog(L_ERROR, "extra arguments are not permitted with -a or -r");
142 if (f_ignore && (f_all || ! f_export)) {
143 xlog(L_ERROR, "-i not meaningful with -a, -r or -u");
146 if (f_reexport && ! f_export) {
147 xlog(L_ERROR, "-r and -u are incompatible");
150 new_cache = check_new_cache();
151 if (optind == argc && ! f_all) {
156 xlog(L_ERROR, "-f is available only "
157 "with new cache controls. "
158 "Mount /proc/fs/nfsd first");
170 * Serialize things as best we can
173 atexit(release_lockfile);
175 if (f_export && ! f_ignore) {
176 export_read(_PATH_EXPORTS);
177 export_d_read(_PATH_EXPORTS_D);
181 export_all(f_verbose);
183 for (i = optind; i < argc ; i++)
184 exportfs(argv[i], options, f_verbose);
186 /* If we are unexporting everything, then
187 * don't care about what should be exported, as that
188 * may require DNS lookups..
190 if (! ( !f_export && f_all)) {
191 /* note: xtab_*_read does not update entries if they already exist,
192 * so this will not lose new options
197 for (i = optind ; i < argc ; i++)
198 unexportfs(argv[i], f_verbose);
204 exports_update(f_verbose);
208 cache_flush(force_flush);
216 exports_update_one(nfs_export *exp, int verbose)
218 /* check mountpoint option */
219 if (exp->m_mayexport &&
220 exp->m_export.e_mountpoint &&
221 !is_mountpoint(exp->m_export.e_mountpoint[0]?
222 exp->m_export.e_mountpoint:
223 exp->m_export.e_path)) {
224 printf("%s not exported as %s not a mountpoint.\n",
225 exp->m_export.e_path, exp->m_export.e_mountpoint);
226 exp->m_mayexport = 0;
228 if (exp->m_mayexport && ((exp->m_exported<1) || exp->m_changed)) {
230 printf("%sexporting %s:%s to kernel\n",
231 exp->m_exported ?"re":"",
232 exp->m_client->m_hostname,
233 exp->m_export.e_path);
234 if (!export_export(exp))
237 if (exp->m_exported && ! exp->m_mayexport) {
239 printf("unexporting %s:%s from kernel\n",
240 exp->m_client->m_hostname,
241 exp->m_export.e_path);
242 if (!export_unexport(exp))
248 /* we synchronise intention with reality.
249 * entries with m_mayexport get exported
250 * entries with m_exported but not m_mayexport get unexported
251 * looking at m_client->m_type == MCL_FQDN and m_client->m_type == MCL_GSS only
254 exports_update(int verbose)
258 for (exp = exportlist[MCL_FQDN].p_head; exp; exp=exp->m_next) {
259 exports_update_one(exp, verbose);
261 for (exp = exportlist[MCL_GSS].p_head; exp; exp=exp->m_next) {
262 exports_update_one(exp, verbose);
267 * export_all finds all entries and
268 * marks them xtabent and mayexport so that they get exported
271 export_all(int verbose)
276 for (i = 0; i < MCL_MAXTYPES; i++) {
277 for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
279 printf("exporting %s:%s\n",
280 exp->m_client->m_hostname,
281 exp->m_export.e_path);
283 exp->m_mayexport = 1;
286 validate_export(exp);
293 exportfs(char *arg, char *options, int verbose)
295 struct exportent *eep;
296 nfs_export *exp = NULL;
297 struct addrinfo *ai = NULL;
302 if ((path = strchr(arg, ':')) != NULL)
305 if (!path || *path != '/') {
306 xlog(L_ERROR, "Invalid exporting option: %s", arg);
310 if ((htype = client_gettype(hname)) == MCL_FQDN) {
311 ai = host_addrinfo(hname);
313 exp = export_find(ai, path);
314 hname = ai->ai_canonname;
317 exp = export_lookup(hname, path, 0);
320 if (!(eep = mkexportent(hname, path, options)) ||
321 !(exp = export_create(eep, 0)))
323 } else if (!updateexportent(&exp->m_export, options))
327 printf("exporting %s:%s\n", exp->m_client->m_hostname,
328 exp->m_export.e_path);
330 exp->m_mayexport = 1;
333 validate_export(exp);
340 unexportfs(char *arg, int verbose)
343 struct addrinfo *ai = NULL;
348 if ((path = strchr(arg, ':')) != NULL)
351 if (!path || *path != '/') {
352 xlog(L_ERROR, "Invalid unexporting option: %s", arg);
356 if ((htype = client_gettype(hname)) == MCL_FQDN) {
357 ai = host_addrinfo(hname);
359 hname = ai->ai_canonname;
362 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
363 if (path && strcmp(path, exp->m_export.e_path))
365 if (htype != exp->m_client->m_type)
367 if (htype == MCL_FQDN
368 && !matchhostname(exp->m_export.e_hostname,
371 if (htype != MCL_FQDN
372 && strcasecmp(exp->m_export.e_hostname, hname))
376 if (exp->m_exported) {
377 printf("unexporting %s:%s from kernel\n",
378 exp->m_client->m_hostname,
379 exp->m_export.e_path);
383 printf("unexporting %s:%s\n",
384 exp->m_client->m_hostname,
385 exp->m_export.e_path);
388 if (exp->m_exported && !export_unexport(exp))
392 exp->m_mayexport = 0;
398 static int can_test(void)
402 char *setup = "nfsd 0.0.0.0 2147483647 -test-client-\n";
403 fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);
404 if ( fd < 0) return 0;
405 n = write(fd, setup, strlen(setup));
409 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
410 if ( fd < 0) return 0;
415 static int test_export(char *path, int with_fsid)
420 sprintf(buf, "-test-client- %s 3 %d -1 -1 0\n",
422 with_fsid ? NFSEXP_FSID : 0);
423 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
426 n = write(fd, buf, strlen(buf));
434 validate_export(nfs_export *exp)
436 /* Check that the given export point is potentially exportable.
437 * We just give warnings here, don't cause anything to fail.
438 * If a path doesn't exist, or is not a dir or file, give an warning
439 * otherwise trial-export to '-test-client-' and check for failure.
442 char *path = exp->m_export.e_path;
446 if (stat(path, &stb) < 0) {
447 xlog(L_ERROR, "Failed to stat %s: %m", path);
450 if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
451 xlog(L_ERROR, "%s is neither a directory nor a file. "
452 "Remote access will fail", path);
458 if (!statfs64(path, &stf) &&
459 (stf.f_fsid.__val[0] || stf.f_fsid.__val[1]))
462 if ((exp->m_export.e_flags & NFSEXP_FSID) || exp->m_export.e_uuid ||
464 if ( !test_export(path, 1)) {
465 xlog(L_ERROR, "%s does not support NFS export", path);
468 } else if ( ! test_export(path, 0)) {
469 if (test_export(path, 1))
470 xlog(L_ERROR, "%s requires fsid= for NFS export", path);
472 xlog(L_ERROR, "%s does not support NFS export", path);
479 is_hostname(const char *sp)
481 if (*sp == '\0' || *sp == '@')
484 for (; *sp != '\0'; sp++) {
485 if (*sp == '*' || *sp == '?' || *sp == '[' || *sp == '/')
487 if (*sp == '\\' && sp[1] != '\0')
495 * Take care to perform an explicit reverse lookup on presentation
496 * addresses. Otherwise we don't get a real canonical name or a
497 * complete list of addresses.
499 static struct addrinfo *
500 address_list(const char *hostname)
505 ai = host_pton(hostname);
507 /* @hostname was a presentation address */
508 cname = host_canonname(ai->ai_addr);
513 /* @hostname was a hostname or had no reverse mapping */
514 cname = strdup(hostname);
519 ai = host_addrinfo(cname);
525 matchhostname(const char *hostname1, const char *hostname2)
527 struct addrinfo *results1 = NULL, *results2 = NULL;
528 struct addrinfo *ai1, *ai2;
531 if (strcasecmp(hostname1, hostname2) == 0)
535 * Don't pass export wildcards or netgroup names to DNS
537 if (!is_hostname(hostname1) || !is_hostname(hostname2))
540 results1 = address_list(hostname1);
541 if (results1 == NULL)
543 results2 = address_list(hostname2);
544 if (results2 == NULL)
547 if (strcasecmp(results1->ai_canonname, results2->ai_canonname) == 0) {
552 for (ai1 = results1; ai1 != NULL; ai1 = ai1->ai_next)
553 for (ai2 = results2; ai2 != NULL; ai2 = ai2->ai_next)
554 if (nfs_compare_sockaddr(ai1->ai_addr, ai2->ai_addr)) {
560 freeaddrinfo(results1);
561 freeaddrinfo(results2);
565 /* Based on mnt_table_parse_dir() in
566 util-linux-ng/shlibs/mount/src/tab_parse.c */
568 export_d_read(const char *dname)
571 struct dirent **namelist = NULL;
574 n = scandir(dname, &namelist, NULL, versionsort);
577 /* Silently return */
579 xlog(L_NOTICE, "scandir %s: %s", dname, strerror(errno));
583 for (i = 0; i < n; i++) {
584 struct dirent *d = namelist[i];
586 char fname[PATH_MAX + 1];
590 if (d->d_type != DT_UNKNOWN
591 && d->d_type != DT_REG
592 && d->d_type != DT_LNK)
594 if (*d->d_name == '.')
597 #define _EXT_EXPORT_SIZ (sizeof(_EXT_EXPORT) - 1)
598 namesz = strlen(d->d_name);
600 || namesz < _EXT_EXPORT_SIZ + 1
601 || strcmp(d->d_name + (namesz - _EXT_EXPORT_SIZ),
605 fname_len = snprintf(fname, PATH_MAX +1, "%s/%s", dname, d->d_name);
606 if (fname_len > PATH_MAX) {
607 xlog(L_WARNING, "Too long file name: %s in %s", d->d_name, dname);
614 for (i = 0; i < n; i++)
622 dumpopt(char c, char *fmt, ...)
637 struct exportent *ep;
641 for (htype = 0; htype < MCL_MAXTYPES; htype++) {
642 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
645 continue; /* neilb */
646 if (htype == MCL_ANONYMOUS)
649 hname = ep->e_hostname;
650 if (strlen(ep->e_path) > 14)
651 printf("%-14s\n\t\t%s", ep->e_path, hname);
653 printf("%-14s\t%s", ep->e_path, hname);
659 if (ep->e_flags & NFSEXP_READONLY)
660 c = dumpopt(c, "ro");
662 c = dumpopt(c, "rw");
663 if (ep->e_flags & NFSEXP_ASYNC)
664 c = dumpopt(c, "async");
665 if (ep->e_flags & NFSEXP_GATHERED_WRITES)
666 c = dumpopt(c, "wdelay");
667 if (ep->e_flags & NFSEXP_NOHIDE)
668 c = dumpopt(c, "nohide");
669 if (ep->e_flags & NFSEXP_CROSSMOUNT)
670 c = dumpopt(c, "crossmnt");
671 if (ep->e_flags & NFSEXP_INSECURE_PORT)
672 c = dumpopt(c, "insecure");
673 if (ep->e_flags & NFSEXP_ROOTSQUASH)
674 c = dumpopt(c, "root_squash");
676 c = dumpopt(c, "no_root_squash");
677 if (ep->e_flags & NFSEXP_ALLSQUASH)
678 c = dumpopt(c, "all_squash");
679 if (ep->e_flags & NFSEXP_NOSUBTREECHECK)
680 c = dumpopt(c, "no_subtree_check");
681 if (ep->e_flags & NFSEXP_NOAUTHNLM)
682 c = dumpopt(c, "insecure_locks");
683 if (ep->e_flags & NFSEXP_NOACL)
684 c = dumpopt(c, "no_acl");
685 if (ep->e_flags & NFSEXP_FSID)
686 c = dumpopt(c, "fsid=%d", ep->e_fsid);
688 c = dumpopt(c, "fsid=%s", ep->e_uuid);
689 if (ep->e_mountpoint)
690 c = dumpopt(c, "mountpoint%s%s",
691 ep->e_mountpoint[0]?"=":"",
693 if (ep->e_anonuid != 65534)
694 c = dumpopt(c, "anonuid=%d", ep->e_anonuid);
695 if (ep->e_anongid != 65534)
696 c = dumpopt(c, "anongid=%d", ep->e_anongid);
697 switch(ep->e_fslocmethod) {
701 c = dumpopt(c, "refer=%s", ep->e_fslocdata);
704 c = dumpopt(c, "replicas=%s", ep->e_fslocdata);
708 c = dumpopt(c, "fsloc=stub");
712 secinfo_show(stdout, ep);
713 printf("%c\n", (c != '(')? ')' : ' ');
719 error(nfs_export *exp, int err)
721 xlog(L_ERROR, "%s:%s: %s", exp->m_client->m_hostname,
722 exp->m_export.e_path, strerror(err));
726 usage(const char *progname)
728 fprintf(stderr, "usage: %s [-aruv] [host:/path]\n", progname);
projects / nfs-utils.git / blob